Simple Rule Order

Published January 9, 2025

Simple Rules ordering has often been described as a confused mess dreamt up by incompetent developers. Nothing could be further from reality.

How Rules Order

Simple Rules are automatically ordered based on:

Source

  1. Devices [<n]
  2. Networks [<n]
  3. All Devices/All Networks

Note: All Devices is implemented in the firewall as “All Local Networks”.

Destination

  1. Apps [DPI]
  2. App Groups [DPI]
  3. IP Address [IP]
  4. Domain Name [IP]
  5. Region [GeoIP]
  6. Internet [WAN, VPN]
  7. Local Network [LAN]

Notes:

Internet is defined as anything that is not a Local Network. VPN networks are not considered Local Networks.

When using subnets in IP Address, use the subnet's network address as the start address and its broadcast address as the end address, e.g. 192.168.1.0-192.168.1.255.

Action

  1. Speed Limit [Allow]
  2. Allow
  3. Block
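
An added example (not vendor code and not part of the original page) that predicts where a set of rules lands under the lists above and builds the start-end range for a subnet. It assumes the criteria compare in the order listed (Source, then Destination, then Action) and reads "[<n]" as fewer devices or networks first; the rule names and dictionary layout are hypothetical.

```python
import ipaddress

# Rank tables copied from the page's lists (lower rank sorts first).
SOURCE_RANK = {"devices": 1, "networks": 2, "all": 3}
DEST_RANK = {"app": 1, "app_group": 2, "ip": 3, "domain": 4,
             "region": 5, "internet": 6, "local": 7}
ACTION_RANK = {"speed_limit": 1, "allow": 2, "block": 3}


def subnet_range(cidr):
    """Return 'network-broadcast' for a subnet, as the IP Address note asks."""
    net = ipaddress.ip_network(cidr, strict=False)  # tolerate host bits in input
    return f"{net.network_address}-{net.broadcast_address}"


def sort_key(rule):
    """Assumed comparison: source rank, source size, destination, action."""
    kind, members = rule["source"]
    return (SOURCE_RANK[kind], len(members),
            DEST_RANK[rule["dest"][0]], ACTION_RANK[rule["action"]])


def predicted_order(rules):
    """Names of the rules in the order the lists above would place them."""
    return [r["name"] for r in sorted(rules, key=sort_key)]


# Constructed sample rules, deliberately listed out of order.
RULES = [
    {"name": "block-lan-all", "source": ("all", []),
     "dest": ("local", None), "action": "block"},
    {"name": "allow-iot-subnet", "source": ("networks", ["IoT"]),
     "dest": ("ip", subnet_range("192.168.1.0/24")), "action": "allow"},
    {"name": "block-tv-internet", "source": ("devices", ["tv"]),
     "dest": ("internet", None), "action": "block"},
    {"name": "limit-tv-streaming", "source": ("devices", ["tv"]),
     "dest": ("app", "streaming"), "action": "speed_limit"},
    {"name": "allow-kids-region", "source": ("devices", ["tablet", "console"]),
     "dest": ("region", "XX"), "action": "allow"},
]

if __name__ == "__main__":
    # The single-device app rule sorts above the same device's Internet block.
    for position, name in enumerate(predicted_order(RULES), start=1):
        print(position, name)
```

Comparing the predicted list with the order shown in the controller is a quick check that a broad Block rule has not ended up above a narrower Allow it was meant to sit below.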